Windows 8 gesture login, perform gestures to unlock your device

Gesture-based login for Windows 8, is it more, or less secure?

Microsoft is preparing a new way to log into tablet PCs with Windows 8, by allowing a user to perform gestures on a screen instead of typing in letters or numbers. For example, you can use a photo with some personal meaning to you, create a sequence of taps, lines, and circles that must be performed in the right order, in order to unlock the computer.

It is a new form of an unlock procedure, and will have three paths chosen for it: people will love it, people will hate it, or Apple will sue Microsoft for some form of patent rip-off. Microsoft does acknowledge that the new gesture unlock puts smudges on the screen, and recording devices could theoretically allow the gesture password to be compromised, but says the risks are very low.

Not everyone agrees with Microsoft, though. Kenneth Weiss, inventor of RSA's SecurID token who now runs a three-factor authentication business called Universal Secure Registry, told Network World that it's not "serious security," that the gestures someone makes upon a screen can easily be recorded from a distance.

Microsoft says that a picture password composed of five gestures can be completed a whopping 398 trillion ways (that's 398,000,000,000,000). Compared to five-character passwords with letters and other types of characters typed into a keyboard, that only provides 182 million combinations, whilst an eight-character password allows for 9 trillion combinations.

Would you use this type of security? Personally, if someone wants to get into your device, I really don't think any form of security is going to help. It just stops the people who don't know much about it to be stopped. But someone who knows how to Google, or has a friend with some knowledge, and most security can be broken.